MVC Pro-Tip: Anti-Forgery Cookie Token And Form Field Token Do Not Match
11 June 2015
Just a really quick thing for you to check - one of the users of a MVC admin system I administer complained that they were getting this error message, after a release:
System.Web.Mvc.HttpAntiForgeryException: The anti-forgery cookie token and form field token do not match.
It turns out they hadn't logged out and back in again since the release - as we are hosting the website on Azure, the machine key (which the AntiForgery stuff uses to validate) would have changed post-release, which is what was causing the issue.
Long story short, if you are getting this exception, it's worth seeing if refreshing your authentication / credentials will solve the issue.
Min said
How do you refresh the authentication / credentials?
Henry said
Log in or out (as mentioned in the post), or clear your browser history / do a hard refresh / CTRL+F5